Google oauth via devise 和omniauth/oauth 不断请求访问

发布于 2024-11-04 07:48:08 字数 322 浏览 3 评论 0原文

我可以将 devise 与omniauth(oauth NOT openid)和 devise.rb 配置一起使用,如下所示:

config.omniauth :google, KEY, SECRET

它正确地重定向到google以请求许可(并返回)...

但不幸的是它总是这样做。它应该(我相信)知道我刚刚授权了使用谷歌的权限,并且应该在第一次之后跳过该重定向到谷歌。关于如何让它发挥作用有什么建议吗?

我所说的许可是:“网站 blah.com 正在请求访问您的 Google 帐户以获取下列产品”。我不希望此页面总是重新出现。

I can use devise with omniauth (oauth NOT openid) and a devise.rb config like this:

config.omniauth :google, KEY, SECRET

and it correctly does the redirection to google to ask permission (and returns)...

but unfortunately it always does that. It should (I believe) know that I just authorized permissions to use google and should skip that redirection to google after the first time. Any suggestions on how to get this working?

The permissioning I'm talking about is: "The site blah.com is requesting access to your Google Account for the product(s) listed below". I don't want this page to always reappear.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

我做我的改变 2024-11-11 07:48:08

您需要自己实现回调 - Devise 和 Omniauth 默认情况下都不为您提供这些回调。它将负责将用户发送到您的 OAuth 端点并确保他返回,但它不会消耗已发送的信息和/或让用户登录。

这些事情由您来完成。

Devise 有一个关于创建简单回调控制器的 wiki 页面: https://github.com/ plataformatec/devise/wiki/OmniAuth:-概述

Ryan Bates 有一个关于制作更通用回调控制器的 Railscast:http://railscasts.com/episodes/236-omniauth-part-2

我还写了一篇关于通用回调控制器的文章:http://blog.impaled.org /code/2011/2/devise-1-2-with-omniauth-on-rails.html

You need to implement callbacks yourself - neither Devise nor Omniauth provide these for you by default. It will take care of sending the user to your OAuth endpoint and make sure he returns, but it will not consume the information that was sent and/or log the user in.

It's up to you to do these things.

Devise has a wiki page on creating a simple callback controller: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

Ryan Bates has a Railscast on doing a more generic callback controller: http://railscasts.com/episodes/236-omniauth-part-2

And I've had a write-up for a generic callback controller as well: http://blog.impaled.org/code/2011/2/devise-1-2-with-omniauth-on-rails.html

柠檬色的秋千 2024-11-11 07:48:08

我升级到最新的omniauth/devise gems并使用google_oauth2 gem(这太棒了!)。

因此,我能够解决我的问题,因为 gem 的创建者添加了一个 parm 来防止重新验证。

请参阅此处

I upgraded to the latest omniauth/devise gems and used google_oauth2 gem (which is awesome!).

Because of this I was able to get past my issue because the creator of the gem added a parm to prevent re-auth.

See here

拒绝两难 2024-11-11 07:48:08

查看:
https://github.com/intridea/omniauth/pull/342

Google 要求我们换成长期身份验证令牌,但我不确定是否有一种干净的方法可以使用omniauth + devise来做到这一点。

Check:
https://github.com/intridea/omniauth/pull/342

Google requires that we swap out for a long term auth token, but I'm not sure there is a clean way to do this with omniauth + devise.

指尖微凉心微凉 2024-11-11 07:48:08

使用omniauth-google-oauth2,我发现您必须将其设置

:approval_prompt => ''

为线路上的选项

provider :google_oauth2, ...

,否则它默认为“强制”,这对我造成了同样的问题。

通过阅读本页上有关approval_prompt的部分推断出这一点: https://github.com/ plataformatec/devise/wiki/OmniAuth:-概述

With omniauth-google-oauth2 I found you have to set

:approval_prompt => ''

as an option on your line

provider :google_oauth2, ...

or it defaults to 'force' instead, which caused the same problem for me.

Deduced this from reading the part about approval_prompt on this page: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

2024-11-11 07:48:08

我遇到了一个问题,每次登录都会向用户请求相同的权限。我通过将 access_type: "offline"approval_prompt: "" 添加到我的config 文件夹中的 devise.rb 如下:

config.omniauth :google_oauth2, 'KEYHERE', 'SECRET_HERE', { access_type: "offline", approval_prompt: "", scope: 'userinfo.email,userinfo.profile' }

上面的范围允许我查看有关用户及其电子邮件地址的基本信息。

希望这有帮助。

I had the issue where it would request the same permissions from the user each log in. I solved it by adding the access_type: "offline" and approval_prompt: "" to my devise.rb in the config folder as follows:

config.omniauth :google_oauth2, 'KEYHERE', 'SECRET_HERE', { access_type: "offline", approval_prompt: "", scope: 'userinfo.email,userinfo.profile' }

The scope above allows me to see basic info about the user and their email address.

Hope this helps.

茶底世界 2024-11-11 07:48:08

您必须通过 Google API 控制台启用“通讯录 API”和“Google+ API”

You must enable the "Contacts API" and "Google+ API" via the Google API console

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文